Tavis Ormandy showed that LastPass? browser extension can allow malicious websites to access the passwords stored within–even with LastPass? considerable security measures. This vulnerability can be found in all extensions for major browsers, including browsers used by Windows, Linux, and potentially even Apple. To make matters worse, the only requirements for this vulnerability to be exploited is that the extension needs to be installed. Any user who logs in or out could receive malicious code from the website that they are accessing. Like any good developer, LastPass has expressed its commitment to solving this problem, acknowledging the threat as a legitimate issue that must be resolved. Two days after the initial reporting of the incident, LastPass released information discussing the problem more in-depth, including recommendations as for what you should do to minimize your chances of being affected:   Launch websites from the LastPass vault: To retain the highest level of security as possible, it?s better to access websites from the LastPass vault itself. Use Two-Factor Authentication wherever possible: This will add an extra layer of security to prevent leaked credentials from granting easy access to your accounts. Keep an eye out for phishing attacks: Malicious links spread by phishing scams, so before you click on a link in a received message, take a moment to ask yourself if the link in your inbox makes sense. You would think that developers are offended when people find problems in their services, but LastPass has accepted the issue report quite graciously. After all, it?s better that vulnerabilities are found before they are a problem rather than after they have been exploited in the wild. Joe Siegrist, a cofounder and Vice President of LastPass, has this to say regarding the information: ?We greatly appreciate the work of the security community to challenge our product and uncover areas that need improvement.? As per the policies of Project Zero, LastPass has 90 days before Ormandy and friends release the technical details of the vulnerability. In the interim, it?s best to keep LastPass? advice in mind as you go about your daily duties–for your own network?s sake. To ensure your credentials are protected, and to schedule a full security audit, contact White Mountain IT Services at (603) 889-0800. 

Not all hackers are the same. There are different motivations each have, as well as different targets that they generally don?t deviate from. In order to understand the threats you face online, it helps to know who might go after you, as well as their motivations. To accomplish this, let?s review 9 classifications of hackers that may be encountered. The Good Guys White Hat Hackers: As the sole member of this unfortunately brief list, white hat hackers follow a strict code of ethics as they use their skills to benefit average users everywhere. The goal of a white hat hacker is to track and eliminate threats to other users. Most white hat hackers are sanctioned security researchers, but there are those, known as ?grey hats,? who operate outside of the law?s jurisdiction. The Politically Motivated Hacktivists: These are groups of hackers who unite to achieve a common cause, generally crusading for a particular ideology or political stance. Their modus operandi is more often than not to expose their target through a DDoS attack, or embarrass them by defacing websites. Nation State Actors: A nation state actor is one who is directly connected to the government they hack for, often as a part of the military or intelligence gathering branches. Despite their long-term goals and truly considerable budgets, they will often resort to common hacking tools to avoid expending their high-end methods wastefully. Nationalist Hackers: A step down from the nation state hacker, nationalist hackers are given a blind eye by the legal system of their country because their activities are beneficial to the goals of their country. The Amateurs Script Kiddies: These actors are the delinquents of the hacking spectrum, accomplishing little, for little-to-no financial gain. Typically those with limited skills, script kiddies will often attempt to write basic malware or take part in a larger group?s attack. The Criminally Motivated Cyber Mercenaries: Cyber mercenaries are exactly what they sound like: mercenaries who operate in cyberspace. They are hackers-for-hire, in a sense, often brought on to assist another attacker for a stake in the bounty. Organized Criminals: As their name would suggest, organized criminals are hackers who have a firmly defined web of responsibilities within an equally firmly established supply chain. This discipline enables the organized criminal to profit from their crimes with relative ease. Repeat Offenders: Similar to the organized criminal, these hackers are not without some skill, but they lack the underworld network of the organized criminal. As a result, the repeat offender is not able to profit as much from their crimes. Malicious Insider: These are the cybercriminals who sit next to you in the workplace, actively working to undermine the company or organization. Whether they are motivated by a grudge or money, they leverage their position to commit their crimes. Of all of these threats, which would you guess causes the greatest problems for SMBs? If you guessed the malicious insider, you?d unfortunately be right. However, that doesn?t mean that you are immune from negative influence from the other hacker types. You?re going to need a solid security solution in place to keep your business safe. White Mountain IT Services can help with that. Give our experts a call at (603) 889-0800 before one of these groups targets you.

Here are three things that you can do to troubleshoot your Internet connection should it be down for some reason. Make Sure Everything is Plugged InThe device that gives your organization a connection in the first place is your modem. This is the little box that plugs into the telephone jack in your office. With so many wires in your office, it?s easy for something to get unplugged without anyone realizing it. Investigate the problem at its source by making sure that the modem is properly plugged into the outlet, and that the router is plugged into the modem. Be sure to check that no wires are loose, as even something as simple as this could be a problem. Give it a RestartDepending on what the nature of your Internet connection?s issue is, restarting the modem is probably one of the more simple ways to fix it. Just unplug it from the outlet and wait a couple of minutes before plugging it back in. Worst case scenario, you?ll need to reach out to the Internet service provider and request a new one, as they are often the ones responsible for doing so. Another option that you can try is to restart the router. This is something that you have a bit more control over, as your organization is responsible for procuring the wireless router itself. Simply unplug the router and wait for a couple of minutes before plugging it back in. Once you?ve done so, give it another go. Contact Your Internet Service ProviderIf all of this doesn?t help, the best thing that you can do is to reach out to your Internet service provider and make sure that nothing is faulty on their end. Since your ISP?s hardware is something that you can?t really do anything about (besides calling them, of course), you?ll just have to wait and see if they can resolve the problem. At the very least, you?ll confirm that the issue isn?t related to their services, so you?ll have a better idea of what to look for on your end. If none of these methods yield any results, perhaps there is a network configuration issue that?s causing you trouble. If this is the case, it helps to have professional IT technicians around who know how to troubleshoot the problem. White Mountain IT Services can offer the technical assistance needed to troubleshoot and resolve all connectivity issues within your network. To learn more, reach out to us at (603) 889-0800.

The cloud has taken the computing world by storm. You?d be hard-pressed to find a technology that didn?t tie back to the cloud in some way. This is especially true when you consider the needs of the small business, and how the cloud can provide for those needs. But why would you want to trust your computing infrastructure to some other company? We?ve actually seen this paradigm shift before. Around one hundred years ago, many businesses used to have to generate their own electricity. There wasn?t a power grid to simply plug into. Could you imagine having to manage and maintain your own generator for all of your electrical consumption? We?re seeing the same thing with cloud computing. Businesses now have the opportunity to ?plug-in? and use computing resources without needing to purchase and maintain in-house hardware. While many associate the cloud with data storage, the cloud is actually capable of much more. Of course, that isn?t to say that the cloud doesn?t provide powerful and flexible storage solutions. With the ability to access data from anywhere, and with many hosted utilities including software, communications, and security solutions, the cloud presents a valuable option to any business? computing infrastructure. Businesses need to ascertain what kind of computing issues they can solve by leveraging the cloud. Do you need extra storage? Are you looking to enhance your organization?s communications? Do you need solutions to build a more collaborative or cooperative offering? Are you searching for a solution to improve operational efficiency or reduce your computing costs? There are many cloud-based solutions you can choose from to enhance your organization?s computing power and provide ubiquitous and secure delivery of those solutions to the people within your organization that needs them most. For the modern business that can?t commit the kind of money to hosting on-site computing environments that they would typically need to ensure a secure and dynamic computing platform for their staff, utilizing White Mountain IT Services?s expertise to find the cloud solution that is right for you is a great option. For more information about utility computing in the cloud and other hosted solutions, call us today at (603) 889-0800.

Telephone solutions have long been a part of the business environment, but it?s not always a simple process to implement, as no two organizations are the same. How many users do you have? How many telephone units do you need? How many wires will you need to run through your office? These questions, and more, make it much more appealing to consider a digital voice telephony system for your business?s needs. We?ll discuss the various benefits that Voice over Internet Protocol, or VoIP, can offer businesses, regardless of the industry. Reduced CostsTraditional telephone systems rely on you going through your local provider to get service. However, this means that you?ll also be tied down by whatever their service agreement entails. Often times, these agreements will include services that you don?t necessarily want or even need, like television or otherwise. This makes you pay more for a basic service like a telephone, but without any real significant benefit for the extra costs. It?s like paying for Netflix but not using it for anything. VoIP doesn?t ask you to sign up for anything extra. You get exactly what you pay for, and it takes advantage of a service that you already use regularly: your Internet. Your voice can be transferred through the Internet to the recipient instead of traditional telephone lines. The only thing to watch out for is your bandwidth, since relying on VoIP for your communication needs will require more network resources. A Simpler InfrastructureIt?s not easy to make changes to your organization?s cabling infrastructure once it?s been established. This also makes it a bit more difficult to grow in the long run, as the same cabling infrastructure that worked for you years ago, may not necessarily be able to handle an increase in growth. Therefore, businesses that want to be able to adapt to changes in their infrastructure must create one from the ground up that?s designed with flexibility in mind–not the easiest of tasks. Thanks to the one-time setup costs of VoIP, you don?t have to tear down walls and run new lines just to add new users to your telephone infrastructure. All you have to do is contact your provider and have them add new users into the system. A More Flexible Business ModelOne of the most difficult parts of running a business is managing the many communication mediums at your disposal. You might even have multiple phones that you use–one for your personal affairs, and one for your business dealings. Wouldn?t it be great if you could get all of your different phone numbers without carrying multiple devices on you at all times? The great thing about VoIP is that your employees have multiple ways of accessing your telephone solution. Whether you want a desktop soft phone, a smartphone app, or a traditional telephone handset, VoIP allows for a highly customizable experience. This flexibility allows your organization to fully leverage mobile devices and connected technology, making VoIP a fantastic solution for organizations that need the extra boost. For more information about VoIP, reach out to White Mountain IT Services at (603) 889-0800. We can assist your organization with setting up VoIP from start to finish.